SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6440)

This script is Copyright (C) 2013 Tenable Network Security, Inc.

Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

PHP5 was updated with incremental fixes to the previous update.

- Additional unsafe cgi wrapper scripts are also fixed
now. (CVE-2012-2335)

- Even more commandline option handling is filtered, which
could lead to crashes of the php interpreter.

- heap-based buffer overflow in php's phar extension.

- The crypt() implementation ignored wide characters,
leading to shorter effective password lengths. Note:
With this update applied affected passwords will no
longer work and need to be set again. (CVE-2012-2143)

See also :

Solution :

Apply SAT patch number 6440.

Risk factor :

High / CVSS Base Score : 7.5

Family: SuSE Local Security Checks

Nessus Plugin ID: 64104 ()

Bugtraq ID:

CVE ID: CVE-2012-2143

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now